SANTA CLARA, Calif.--(BUSINESS WIRE)--ServiceNow
(NYSE:NOW), the enterprise cloud company, today announced it’s extending
its industry-leading automation and orchestration expertise to transform
the way organizations respond to threats. ServiceNow’s first offering, Security
Operations, gives both security and IT teams a single platform to
respond to security incidents and vulnerabilities.

“ServiceNow is bridging the gap between IT operations and security by
replacing manual, informal processes with a proven orchestration
platform,” said Sean Convery, general manager of Security, ServiceNow.
“Transforming security response is the next frontier for firms to
fortify their security posture and increases the value of the detection
and protection products they have already deployed.”

It takes enterprises an average of 206 days to spot a breach and an
average of 69 days to contain it, according to the Ponemon
Institute.

A research
study from the Enterprise
Strategy Group (ESG) issued today – based on input from more than
180 security executives – offers insights to the obstacles facing rapid
and consistent security response. Highlights include:

The #1 incident response challenge cited was coordinating between
security and IT teams.

9 out of 10 respondents said that their incident response
effectiveness and efficiency is limited by the burden of manual
processes.

Nearly 75% of cybersecurity professionals said that incident response
tends to be based upon informal processes at their organizations.

A third of organizations spend at least half of all incident response
time on manual processes leading to inefficiencies and delays.

“Although organizations have invested heavily in identifying security
vulnerabilities, they’ve neglected a critical step in remediation –
formalizing their teams’ incident response workflows. This is especially
the case when it comes to collaboration between cybersecurity and IT
operations groups,” said Jon Oltsik, author of the report, ESG senior
principal analyst and the founder of the firm’s cybersecurity service.
“The ESG research clearly demonstrates how time-consuming, inefficient
and ultimately damaging these process problems and bottlenecks can be.”

ServiceNow Security Operations includes two cloud-based applications:
Security Incident Response and Vulnerability Response. By extending
ServiceNow’s industry-leading workflow and automation software to
incident and vulnerability response, organizations can remove
inefficient, manual processes – such as using emails, phone calls or
spreadsheets. ServiceNow enables customers to define, structure and
automate security response to compress the time to identify and contain
threats and vulnerabilities. This can ultimately reduce an
organization’s overall risk while improving analysts’ overall
effectiveness.

Specifically, ServiceNowSecurity Operations addresses the
security shortfall in these ways:

Provide a single platform for managing security incidents and
vulnerabilities. The software extends the workflow, automation,
orchestration and systems management capabilities of the core ServiceNow
platform to security teams. The platform enables the team to
manage the process of responding to and remediating incidents, and
removes manual processes that slow security incident resolution times.

Prioritize security risks with business criticality. Customers
can attach incidents and vulnerabilities to records within the ServiceNow
configuration management database (CMDB). This pairs security data
with insight into the virtual or physical asset at risk and the
business service that asset supports. By doing this an IT team can
see, for instance, that the server being attacked contains sensitive
human resources data and should be prioritized accordingly.

Automate mundane, manual functions to free up IT and security teams
to address critical issues. By leveraging ServiceWatch,
IT operations management software from ServiceNow, teams can trigger
automatic patching, configuration changes to security infrastructure,
or other standard workflows to contain and fix security incidents and
vulnerabilities. Automatic post-incident reports are created, crucial
for auditing purposes. This eliminates the tedious manual process most
organizations use today.

Gain greater visibility into current security issues by category,
class and priority, and status of tasks. Organizations get
role-based dashboards, providing real-time trending data necessary to
understand whether an organization is effective in securing their
enterprise. It also includes an executive dashboard showing team
productivity, existing gaps and overall security posture.

To increase the value of security products customers have already
deployed, ServiceNow Security Operations integrates with leading
third-party software applications, including security incident and event
managers, and vulnerability identification solutions. The software also
integrates with the National Vulnerability Database, which is the U.S.
government repository of standards-based vulnerability management data.
ServiceNow's application program interfaces (APIs) and the ServiceNow
Store make it easy for security companies to integrate to Security
Operations and join the ServiceNow
Technology Partner Program.

Availability and Pricing

ServiceNow Security Operations is available now and priced on a per
device basis.

Hear about the features from two senior ServiceNow developers who
created the application in Episode
8 of Techbytes, the ServiceNow podcast.

About ServiceNow

ServiceNow is changing the way people work. With a service-orientation
toward the activities, tasks and processes that make up day-to-day work
life, we help the modern enterprise operate faster and be more scalable
than ever before. Customers use our service model to define, structure
and automate the flow of work, removing dependencies on email and
spreadsheets to transform the delivery and management of services for
the enterprise. ServiceNow enables service management for every
department in the enterprise including IT, human resources, facilities,
field service and more. We deliver a ‘lights-out, light-speed’
experience through our enterprise cloud – built to manage everything as
a service. To find out how, visit www.servicenow.com.

ServiceNow and the ServiceNow logo are registered trademarks of
ServiceNow, Inc. All other brand and product names are trademarks or
registered trademarks of their respective holders.